What for it....
...all the "It's my software/hardware, I can do what the eff I like with it!" people will be out in force now!
Hardware hackers claim to have uncovered the private key used by Sony to authorise code to run on PlayStation 3 systems. The hackers uncovered the hack in order to run Linux or PS3 consoles, irrespective of the version of firmware the games console was running. By knowing the private key used by Sony the hackers are able to …
Now seeing a license agreement for hardware saying that this hardware is not being sold to you, you just get a license to use it would be a totally different kettle of fish. Rules for renting hardware/physical things/tools are well established. If you rent a car, you must return it at the end of the location contract or buy it and therefore own it. Also, location or renting is limited in time and most of the time there is a contract specifying the details. Sony will have a lot of lobbying to do in order to change a lot of laws here. it will be fun to see what they'll come out with.
Sony kinda brought it on themselves by removing the ability to run Linux on the PS3 in the first place. It's one thing not to be allowed to run Linux on a console, but to be allowed when you buy it and then to have that arbitrarily revoked???
I'd imagine it'll be impossible to change. They could sign new code with a new key (and obviously pass that to the console as an update) but they'll surely have to honour the compromised key or explain to customers why their older games no longer work (or is it just the OS that needs signing?)
Sucks to be them, but it was largely self inflicted!
Actually, the keys are impossible to change, as they are relied upon in certain areas of the boot process, and are irrevokable. Note that the Apploader key (that allows GameOS stuff to be signed)hasn't been found yet, and I don't think that Marcan and co. are in a hurry to do that ;)
The "exploit", if it can be called that, shows how much fail Sony are made of. The AES encryption in hardware was cool, if only they didn't use the SAME F***ING RANDOM NUMBER to generate the keys. That means that when you have two public keys, you can rearange the terms of the AES equation using basic algebra to get the private key.
The presentation is worth the watch for technical details, and if you like memes the thing is full of them (Over 9000 PSJailbreak clones, hehe)
Fail icon, 'cos of Sony's fail
This had nothing to do with OtherOS, it's just some spotty teenagers trying to tie the two events together.
The fact is, before Sony removed OtherOS two things were true:
1/ Nobody cared about it
2/Those handful of people that did, were crying about GPU hardware access.
So lets stop pretending shall we?
This post has been deleted by its author
From watching the presentation the method by which Sony chose to generate a random number for the private key was to pick one and then use it repeatedly. And because the numbers are the same in the first section of the signed excutables you can apply some good old fashioned math and get the key from the SELFs already out there.
Pretty silly from a company with the highest rate of piracy in the last generation of consoles.
I bet there is a PKI guy at Sony with a red face and a P45.
Generating unique encryption key and embedding them in hardware is unpractical, it defeats the purpose of mass production. It's way much easy to generate a key and use it in thousands of identical chips than to generate unique keys, keep track of them and customize every chip with its unique key. While it is technically feasible, it doesn't scale well for mass production.
The same thing happened with encryption keys used for HDCP in that once THE key has been leaked the protection (racket) scheme was compromised for good.
If every console had a unique key surely the hackers would just publish the code/methodology for finding your key in the same manner they had found theirs? That whole process could be automated i am sure.
Failing that would we end up with some sort of draconian UbiSoft style copy protection?
Why not just have a homebrew private key that when used pops up a disclaimer that disavows all knowledge and tells you all problems you encounter are SEP?
Sony will rue the day they removed the OtherOS feature from the PS3. Many many people legitimately used it to run Linux - and even bought the PS3 over the xbox360 due to this extra function/ability.
yes, the bad people want to run pirated games...but all Sony has done is pushed the legitimate people into the underground scene world...and basically accelerated this cracking of the system.
Sony - grow a backbone and give back the OtherOS feature as it was listed as a feature of the system when sold originally...I know you don't care about the 'its a computer!' tax dodgy..as that no longer applies anyway.
What an utterly absurd suggestion. Crackers / hackers would have used Linux to obtain the same information that they're after now. Removing Linux has "backfired". It was prudent in the circumstances and hackers would probably gotten further on with it being there than from it being absent. So Sony were right to do it even if their other protections contain goofs of their own.
Before the OtherOS removal, the only ones interested in cracking the PS3 were trying to get pirated games to run on the PS3. The "run Linux in my toaster" crowd was uninterested, and incidentally this crowd is usually the one that actually gets the impossible stuff don, like porting Android to the iPhone. While a PS3 crack could have eventually happened, it would've taken far more time if the PS3-Linux crew hadn't been involved, up to the point that the fail0ver team didn't care about cracking PS3s until Sony removed OtherOS.
It is also interesting to note that when they release these juicy bits of code, it will NOT allow pirated games to run. They don't want pirated games, they want Linux and have enabled a way to run Linux *without* automatically compromising the GameOS at the same time, which was the case with the earlier USB trick. And it will probably remain that way, as a run-Linux/no-piracy jailbreak won't run afoul of the DMCA. :)
Stop rewriting history. The reason OtherOS was removed was precisely because someone was developing a crack on the hypervisor. Do you really think Sony was going to leave OtherOS there and lose potentially billions to pirates?
And all the exploits after the removal have been nothing to do with making Linux run (expect as a vector to launch further attacks) and all about playing unsigned or cracked games.
The crack using hypervisor was to give Linux the ability to fully utilize the hardware. Piracy wasn't a goal there, and would have been a whole lot more work than this will be.
I called it though. I said as soon as the otherOS option vanished from my PS3 that we'd be seeing an exploit to run Linux again within a year and one that didn't involve a soldering iron in 18 months. I expect to see pirated games running within another couple months.
Dumb move by Sony. The fact that the Linux crowd could mostly do what they wanted without cracking the system was the only thing keeping pirated games off the PS3 when the Wii and 360 were already cracked.
This is a message to all hardware manufacturers: your customers will not let you get away with restricting the functionality of your products. In an information society, restricting information for profit is immoral and unethical. And as you can plainly see, you aren't even good at it. So quit now while you still have your dignity intact. We do not forgive, we do not forget etc.
1 - They will do it anyway in addition of other options
2 - Too late. This option changes nothing to repair or at least limit the damage they suffered, so why bother.
3 - Can't do that because they'll be in violation of copyright law. TiVo was doing that but GPL has been improved to close that loophole. Besides that, there's no point since nobody will want their signed/locked Linux distribution instead of running anything they please.
It is more likely they will try to come up with a way of revoking the key and deploying a new one hoping they will be able to control the much bigger damage this will cause to their reputation. Think of something like return your PS3 in exchange for a shiny new PS4 at no charge.
they make me laugh...
I know well from the home brew scene on the Wii that 'officially' they do not approve of any software that is used to play illegal copies of games to the point that while installing one hack to allow you to read and write to a USB hard drive that it asks you if you intend on using this software to play pirated games. if you say yes it then blocks the instalation of the software and refuses to allow you to re-install it untill you prove you have some legal games..
... as I never played games on it, got a new bluray player with a new sound system, but thought the path of retiring it to linuxhood was closed to me...
But it strikes me, it's taken this long since the PS3's introduction for this hack to come about, despite the presumed lure of being able to run counterfeit games from the start - could it be that no-one with sufficient ability was sufficiently motivated to try *until* Sony closed off the ability to put Linux on it?
Any chance Sony might learn the right lesson from this?
(falls over laughing)
there will be cries of "piracy" and Sony will no doubt attempt to fix this in yet another firmware upgrade, but the simple fact is this, Sony brought this onto themselves by removing the ability to use linux on the fat ps3. If this hack allows slim ps3s' to use linux then im all for it.
About time Sony had a bit of "the other side of the coin" after the root kit fiasco from several years ago.
This is code signing... the ability to take a binary and sign it in such a way that the console believes that its from Sony, rather than the ability to run unsigned binaries.
I would think then that this just means effectively an OS/Homebrew market rather than the complete "rip BluRay", Share, burn BluRay, play as I would have to imagine that there is additional security on the disc, much like the way DVDs embed their signing information in the track 0 which isnt writeable on standard DVD +/- Rs but which you need something like a QFlix enabled burner and media to place the keys in the right place for.
So does knowing the playback key help you remove the protection to resign it to reburn to non-protected media? I'm not sure it does in this case?
If one can install any piece of software it likes then there is nothing you cant do, DVD/BD security are but wee hurdels, think about it, does software exist on the PC that can do as you ask?
can Sony change the keys? well yes they could but its doubtful, software "A" made last year would have the key built in to allow it to run on the PS3, by putting out a firmware update removing that key would effectively stop all software from working that uses that key.
There are many keys used for signing different things on the PS3. At the moment, the Apploader key for GameOS hasn't been found, and Marcan and co. aren't in a rush to find it. So no Blu-Ray piracy yet.
This is not to say that the PS3 isn't completely 0wned, because it is. It's just that you can't pirate games on it.
> I would think then that this just means effectively an OS/Homebrew market rather than the complete "rip BluRay", Share, burn BluRay, play as I would have to imagine that there is additional security on the disc,
It is already very easy to rip bluray disks (and has been for years). The combination of slyfox (or dumphd), bdrebuilder and imgburn gives DRM free disks or ISOs (both standard bluray, and BD5 and BD9 which use standard DVD media) that play both on most BD players *and* on media players, such as the hisense 1080p and geexbox. (In fact the ripped disks start quicker and play more reliably on BD players than DRM encumbered disks.)
So, presuming that these keys would allow live linux CDs to be produced, then all it would need would be a port of these (or similar) tools to be included on a distro. (It would need to support USB burners and mass storage.)
But all it would do is move the work from a PC to a PS3. This doesn't change the landscape for movies.
However it does potentially change the situation for games. If someone successfully rips a game, then it can be played on any machine.
Hmmm, there's a great idea.
Undertake underground illegal activity such as hacking and cracking, things that generally get the authorities and business upset, then once a year all gather for a beer in Berlin.
Or maybe I'm missing something.
Is the only way into the conference through a secret backdoor?
One more time:
Hacking != Cracking
Yes, cracking is illegal (usually in a civil rather than criminal sense). Hacking is the art of using a computer system for other than its intended purpose, usually in a creative way, and is usually totally legal. For example, making a hairdryer out of a toaster would be akin to hacking, manufacturing and selling knock-off brand name toasters would be akin to cracking.
As far as I am aware, the Chaos Computer Club (the group holding this conference) are a group of hackers, not crackers, and, quite rightly, look down upon crackers.
So yes, you are missing something.
It's been out for 4 years, the Xbox was cracked about 20 minutes after release and the same with the Wii.
Now all the chavs who buy their XBox games from a man in a van can finally afford a PS3, woo to them, made up for you. You can now play all the games that people play after work, only you can do it during the day! Jeremy Kyle will be gutted he's just lost his audience.
I've seen many flame wars where people claim that the PC is superior to the console, and in fact, the console is holding the PC back. So why are there so many attempts to open the console to home developers (who already own PCs)? and those attempts are always followed with "we want to program on it, we are not doing it to support piracy!"
If the PC is superior (and more developer friendly), why are home developers trying to program on an inferior platform? (without an SDK to use)
note, because I bought it or because I want to, is not the answer I am looking for. There is a better platform to develop on, and there are many pirates in comparison to homebrew developers. So why help enable piracy (even if it just a side effect) when you have a good platform to develop on?
P.S. I am looking for a honest answer from a homebrew developer, it is not my intention to start a flame war. And for the record, my own answer is: this method will enable me to make an English translation patch for Japanese console games that would, otherwise, never see the light of day in the west!
after reading the details about what have happened, I now realize that this will not enable piracy in any way. It will allow homebrew and nothing else (well, maybe unofficial commercial games?).
hummm... perhaps we will final get a PS2 emulator for the PS3? and perhaps people will finally get the MKV support that they have been crying for.
Yes, indeed the PC will usually be superior to most consoles; and on some accounts, it is still the case. The thing is that the PS3 carries a new kind of processor, the CellBE, that has a new kind of architecture suitable for heavy number-crunching. So while the specs on a PS3 are definitely inferior to a standard PC (256MB RAM? Ha!), the processor itself outruns most current-generation x86 crapcessors.
So while you won't see much interest on Wii Linux or Xbox running Linux; there is a large interest on the PS3 thingy just because of that processor. I don't really care much about homebrew, but I did enjoy tinkering around with the different programming model for the CellBE.
"If the PC is superior (and more developer friendly), why are home developers trying to program on an inferior platform? (without an SDK to use)"
1- An impressing media center, including mp3, Internet on your living room and probably streaming content to other devices, and can double as a game console ;)
2- An inexpensive dedicated p2p client and/or server
3- The kid's computer. More than enough for websurfing, reading email and running some Office software . Almost no viruses. Small form factor.
4- Part of a , ahem, Beowulf cluster or similar system, useful for scientists, companies and universities.
As for the lack of an SDK, my guess is that there will be several Open Source SDKs for this platform before the end of 2011.
Do you think Sony use InterNetworking World Wide Webs as their Prototype Play Station Master Provider of Virtual Machine IntelAIgents and NEUKlearer Intellectual Property?
A SMART Phormation of Great Phishermen and Glorious Perfume Gardeners ...... and a Heavenly Base for SMARTer Phorms of Programs with Virtually Activating Programming ..... SMART Enablement.
Or is the fiction too factual and verifiable and thus always in the excitement and danger of unknown secrets being pressed and pressganged into reality?
It never ceases to amaize me how few people can actually do this level of hacking. Bushing and Marcan, two of Fail0ver, were original members of the iPhone Dev Team, as was GeoHot who's exploit resulted in OtherOS being removed in the first place.
Comex, another well known Wii hacker is now helping with the iPhone.
The same people work on all devices to free them so people can use their own software - pirating is not, nor ever has been, the aim, of these very, very clever people.
The more I learn of their methods the more humbled and grateful I am.
I think you are mis-reading the situation. The necessary technical know-how is not above the level of a degree course in mathematics or computer science. What it takes, in huge amounts, is time and inclination. I'm not saying it is trivial, since clearly Sony managed to get it wrong, but I'm sure there are many more people out there capable of doing this. It's just that most of them are doing other things with their lives.
But, I'm grateful too. These people provide *proof* that the industry DRM dream is unworkable, and since the industry is clearly too thick to figure this out for itself, society needs such demonstrations to ram home the message. It is particularly pleasing that on this occasion the proof can be provided in a way that doesn't facilitate piracy, thereby denying the industry its usual chance to go whining to the lawyers and lawmakers.
Sony will pay dearly for ILLEGALLY removing the linux option. but sales of the PS3 will now explode.... (why do you think the wii is so popular?)
Sony is a company that lost all credibility when they started selling CD with rootkit on it. it should have been shutdown then.... now let's hope widespread piracy will hit Sony where it will realy hurt..,., their bottom line.
I'm totally pissed off that Sony prevents my PS3 from making tea.
I'm on a mission to 'hack'-saw the slot to accept a tea bag and then apply a boiling water overflow.
If this operation fails, then as my mind is so unbalanced from years of sun-deprivation and the inability to talk to girls, I will mistakenly believe that killing virtual soldiers in a series of 1960s flashbacks makes me a real killer.
The staff of the local Premier Inn will all die as I rescue a teasmaid from their evil clutches.
So will anyone in rooms 9, 19, 18, 4, 6, 21, 17, 14...
Now I'm buying a PS3, so are several of my friends, and I know even more people that will do once they learn of this.
In my case I will use the ps3 to have a cheap mediacenter with cheap remote, cheap blu-ray, bluetooth, wireless, and cheap etc.
XBMC will be ported with full gfx hardware acceleration in a couple of months.
You can keep yours to make tea.
Why is so hard for some people to understand that what makes an electronic device attractive for a certain type of people is the fact that you should be able to do with it what you want.
This post has been deleted by a moderator
actually , funny enough,you Cant run XBMC On the xbox 360 as these so called hackers didnt bother to make a signed hack where you could simply boot and run a basic PPC Linux and actaully make some good Decode codecs and containers (to replace the crap limited originals) that actually work with real generic H.264 High profile @4.1 and above.
now that would be worth a few lines in a news item, a self booting 360 signed PPC linux ISO that works on an xbox360 out the box ;)
and before you say the 360 can play H.264 fine, try it with a real HP@4.1 1080P (beetle juice for instance)at your average 15Mbit/s 30fps with 5+ refs inside an MKV container or even mp4, fail...
Up until April 1, 2010, the most talented hackers & coders didn't give a shit about PS3 restrictions, as most of the legal reasons for jailbreaking the PS3 were covered by the standard firmware: running Linux, running games from other regions.
Then Sony decided to piss off that group, thinking "geeze, they got like 1% of all the PS3 market. We can tell them to go fuck themselves and nobody will care!" And to a certain degree, they were right: most people were suckered by the "security reasons" that Sony gave them and called those who wanted to run Linux pirates or "xbots".
Sony simply didn't realize that the pissed-off userbase might be a low % of PS3 users, but they are also the ones that have enough expertise to pull off something like this. I really wish that Sony were to re-enable Linux not only on the fat ones, but on the slim ones as well.
fairly straight forward, Firstly, many PC's are far more capable in terms of hardware, they are also almost completely upgradeable.
Your standard console isnt, what you have is what you get. The PC until recently had a much larger range of input devices but on that front consoles are catching up as they have done with networking.
The problem with PCs and why Consoles are so popular is they just work, no fafing about, little to no "installing" is required, they are all networked up just pop the disk in and off you go, forget updating drivers and installing the latest direct x.
Now that sounds great and it is, but in every instance where a game has been made for a PC and not just a port the graphics quality and game playability in some instances is far better on the PC, because the PC can be capable of a lot more.
So as to why the console is holding back PCs? Well thats not really a fair question, but a simple answer is that consols are more popular with everyday joe, much more money is made on the titles so developers tend to make the game to the spec of the console, then port it back to the PC, which is why people say the PC is being held back.
There are some cracking titles on consoles and if they did a propper port to the PC id probably buy them but they dont, so i wont, My Media centre is now as powerful as my old desktop which has now ben decomissioned, in terms of power it knocks the socks off both the leading consoles, a few third party controlers and sorted, everything i need in one box...DVD, BD, Music, TV, media server, games, Office, remote control and VM software. But dispite all that it does, a console would still be easier to use because for all mine is more capable i still need to wait 20 min to install the game, make sure drivers are uptodate and every now and then get new DX updates.
I presume you don't own a PS3?
As a PS3 owner, one of the things that does annoy me is the occasional games which either require updates or installations. Take Metal Gear Solid for instance, requires a 4GB install (which takes about 20 minutes!) before you can run it.
Or Uncharted 2 which I played yesterday (since re-formatting my PS3 after upgrading to firmware 3.55), that needed a couple of hundred megs of updates before I could play it.
To be fair it's not all games that do that, and once the updates are installed then they're on there unless you delete them (or reformat or upgrade the hard drive).
I find my XBOX 360 isn't half as bad, most of the games I have for it don't require updates (although one or two occasionally offer updates), plus if I choose to I can install the game to the hard drive (to stop the noise of the DVD drive in the XBOX).
I didn't read all the posts, but the thing that really pissed me off about the linux PS3, was that you didn't get access to the whole processor. It was closed off so you didn't even get accelerated X, just the slow version.
Hopefully with this crack, all the PS3 system resources are available to you, the user, not just some 'subset' that sony decided they would 'let' you have access to.
For Paris, 'whatz a puter?'
This post has been deleted by a moderator
Having built myself a PVR media center PC a year back, using Ubuntu & Mythtv, the thought of using a PS3 to do the same *and* also being able to play PS3 games?
That would be damn awesome.
I think I'm on record here, in an old comment, not understanding why anyone would bother to run Linux on a PlayStation - I was evidentally too thick back then to realise the potential.
Now I have a reason - a MythTV, Boxee, XBMC, Gaming beast in a sleek black case.
I'm keeping my eye on this projects, that's for sure.
@Darren Tuffs While your comment about upgradeability etc. is true, part of the reason I switched form PC to console for my gaming was specifically because I chose not to keep up with the SOTA (State of the Art) tax. In order to play the most popular PC games that are not MMO, you had to have a GPU no less than two years old if you were buying mid range GPUs. Every year, your GPU was now a year older and you weren't going to be able to play as well as the rest of the players playing at the bleeding edge. I won't even get into SSDs, CPUs, RAM, etc. In shooters, this meant you spent a lot of time spawning and very little time shooting.
With a console, you buy the hardware that EVERYONE ELSE is using. Therefore, skill is more important than the hardware. With the console, you buy a generation, then get years of use out of it, then "upgrade" to the new generation when it is available, but you aren't fighting an upgrade war just to play online. Compare the two lists below:
Ultimate Gaming PC Min Requirements
SOTA GPU *2+ (lose SOTA in ~1yr)
SOTA CPU (lose SOTA in ~1yr)
High End RAM (lose edge in ~2yrs)
Gaming Keyboard (assuming no driving/flight sim games no other input req'd)
(Each GPU, CPU, SSD is higher in cost than a console)
Ultimate Gaming Console
Console of choice.
If you evaluate price along with everything else, then consoles win hands down. While it is true that you *could* use a gaming machine for far more than gaming with all that power, very few gamers I have met use the added power for sans gaming activities. They use their computers, but outside of gaming, most would be satisfied with "pick a tower" from their local electronics store.
Biting the hand that feeds IT © 1998–2022